From: Chris Marusich <cmmarusich@gmail.com>
To: 31285@debbugs.gnu.org
Cc: Chris Marusich <cmmarusich@gmail.com>
Subject: [bug#31285] [PATCH 0/1] guix: Add git-fetch/impure.
Date: Fri, 27 Apr 2018 01:15:20 -0700 [thread overview]
Message-ID: <20180427081520.28645-1-cmmarusich@gmail.com> (raw)
Hi Guix!
Sometimes, a Git repository may only be available via an authenticated
SSH connection. Even in the case of repositories that only contain
free software, this situation can arise for administrative or
compliance-related reasons. How can one define a package in such a
situation?
This patch adds a new origin method, git-fetch/impure, which solves
that problem. Specifically, git-fetch/impure creates a fixed-output
derivation that fetches the Git repository outside of a derivation, in
the environment of the invoking user. In particular, this enables SSH
to communicate with the user's SSH agent, which in turn allows Git to
fetch the repository over an authenticated SSH connection. In
addition, because it is a fixed-output derivation, the output of a
successful git-fetch/impure is guaranteed to be identical to the
output of a pure git-fetch for any given commit.
Here's a simple example:
(define-public guix-over-ssh
(package
(inherit guix)
(name "guix-over-ssh")
(source
(origin
(inherit (package-source guix))
(method git-fetch/impure)
(uri
(git-reference
(inherit (origin-uri (package-source guix)))
(url "ssh://marusich@git.sv.gnu.org:/srv/git/guix.git")))))))
In this particular example, my username appears in the package
definition, but there is no reason why that has to be so. In many
systems, it is possible to grant access to multiple users with
different SSH keys under a single shared user name. And in other
systems, an automated build system might need to fetch sources using
its own unique system user name and SSH key.
All in all, I think this is pretty useful. It enables developers to
define packages in environments where authenticated access to Git
repositories is required. Please let me know what you think!
Chris Marusich (1):
guix: Add git-fetch/impure.
doc/guix.texi | 24 +++++++
guix/git-download.scm | 150 ++++++++++++++++++++++++++++++++++++++++++
2 files changed, 174 insertions(+)
--
2.17.0
next reply other threads:[~2018-04-27 8:16 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-27 8:15 Chris Marusich [this message]
2018-04-27 8:26 ` [bug#31285] [PATCH 1/1] guix: Add git-fetch/impure Chris Marusich
2018-04-30 2:49 ` Chris Marusich
2020-12-01 18:06 ` zimoun
2020-04-18 15:54 ` [bug#31285] [PATCH 0/1] " sirgazil via Guix-patches via
2020-10-22 0:44 ` Luis Felipe via Guix-patches via
2021-07-14 9:23 ` bug#31285: " Chris Marusich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180427081520.28645-1-cmmarusich@gmail.com \
--to=cmmarusich@gmail.com \
--cc=31285@debbugs.gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).